Third Party Risk in the Age of AI. A Spotlight on Black Kite

razorthorn logo
Razorwire Cybersecurity
Jun 3, 2026
Razorthorn

Your vendors are adopting AI faster than you can assess them. What does that mean for your third party risk?

Welcome to Razorwire, the podcast where we share our take on the world of cybersecurity with direct, practical advice for professionals and business owners alike. I'm Jim and in this Spotlight on Technology episode, I'm joined by Jeffrey Wheatman, Senior Vice President and Cyber Risk Strategist at Black Kite. Jeffrey previously spent over a decade as an analyst VP at Gartner, where he launched their third party cyber risk management coverage.

Third party risk management used to be fairly straightforward. If finance was happy and legal had signed off, you moved ahead. That world is gone. Organisations now depend on layers of vendors, suppliers and service providers, often extending far beyond what security teams can realistically see. When a logistics company can collapse within months of a ransomware attack, and a single supplier incident can have national economic impact, the question is no longer whether third party risk matters. It's whether your programme can keep up.

This episode explores how the industry is moving beyond spreadsheets and questionnaires towards intelligence-led continuous monitoring, why AI is making third party risk exponentially harder to manage and how Black Kite is helping organisations gain visibility across increasingly complex supply chains.

Three key talking points:

  • You can't protect what you can't see
  • AI just made your third party programme ten times harder
  • From questionnaires to continuous intelligence

If your third party risk programme is still running on spreadsheets and annual reviews, this episode will make you uncomfortable. And it should.

On why most organisations don't know which vendors matter most:
“All your vendors are equal, but some vendors are more equal than others. And most people don't really know how to figure that out.”
Jeffrey Wheatman

In this episode, we covered the following topics:

  • When a Vendor Goes Down, You Go Down With Them
  • The Nth Party Problem
  • Concentration Risk and Single Points of Failure
  • Three Ways AI Is Complicating Third Party Risk
  • Shadow AI in Your Supply Chain
  • The AI Vendor Bubble
  • Moving Beyond Spreadsheets and Questionnaires
  • How Black Kite Approaches Third Party Risk
  • The Ownership Problem

For more information about us or if you have any questions you would like us to discuss email podcast@razorthorn.com.
If you need consultation, visit (https://www.razorthorn.com). We give our clients a personalised, integrated approach to information security, driven by our belief in quality and discretion.

Follow us online:
LinkedIn: (https://www.linkedin.com/company/razorthorn-security)
YouTube: (https://www.youtube.com/c/RazorthornSecurity)
TikTok: (https://www.tiktok.com/@razorwire.podcast)
Instagram: (https://www.instagram.com/razorwire.podcast)
X: (https://x.com/RazorThornLTD)
Website: (https://www.razorthorn.com)

Copyright © 2026 OpsMatters™. All rights reserved.